I think Robert Ancell is right. And assuming that's correct, there's no security or logical benefit to passing the PID in the protocol because it can be spoofed. If you can get the PID from the socket that would be more secure, less redundant and simpler.
Perhaps a security expert would have further suggestions...
I think Robert Ancell is right. And assuming that's correct, there's no security or logical benefit to passing the PID in the protocol because it can be spoofed. If you can get the PID from the socket that would be more secure, less redundant and simpler.
Perhaps a security expert would have further suggestions...